ClawHub

Agent Browser

Security checks across malware telemetry and agentic risk

Overview

This is a coherent browser automation skill, but it gives agents broad control over authenticated web sessions without enough safety guidance for saved cookies, credentials, and session files.

Review before installing. Use a dedicated browser profile or test account where possible, avoid exposing cookies/localStorage/session files unless necessary, do not commit auth.json or recordings/screenshots from logged-in sessions, and require explicit approval before submitting forms, uploading files, changing account data, or replaying authenticated sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly documents writing screenshots, PDFs, videos, and browser state to local files, but gives no warning that these artifacts may contain sensitive page contents, authentication state, or personal data. In an agent setting, this can lead to unintentional persistence of secrets or regulated data on disk where other processes or users may later access them.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill exposes commands to view and modify cookies, localStorage, headers, credentials, and saved auth state without any privacy or security caveats. In a browser automation skill, these capabilities directly touch authentication material and session secrets, so omission of handling guidance increases the chance of credential leakage, session hijacking, or unsafe reuse of privileged browser state.

Session Persistence

Medium
Category
Rogue Agent
Content
```bash
agent-browser state save auth.json    # Save session state
agent-browser state load auth.json    # Load saved state
```

## Example: Form submission
Confidence
92% confidence
Finding
Load saved state

Session Persistence

Medium
Category
Rogue Agent
Content
agent-browser wait --url "/dashboard"
agent-browser state save auth.json

# Later sessions: load saved state
agent-browser state load auth.json
agent-browser open https://app.example.com/dashboard
```
Confidence
95% confidence
Finding
load saved state

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal